Canonical Unity-Firefox-Extension

CPE Details

Canonical Unity-Firefox-Extension
canonical
unity-firefox-extension
-
2021-04-14
11h05 +00:00
2021-05-20
13h18 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:canonical:unity-firefox-extension:-:*:*:*:*:*:*:*

Informations

Vendor

canonical

Product

unity-firefox-extension

Version

-

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2013-1055 2021-04-07 19h20 +00:00 The unity-firefox-extension package could be tricked into dropping a C callback which was still in use, which Firefox would then free, causing Firefox to crash. This could be achieved by adding an action to the launcher and updating it with new callbacks until the libunity-webapps rate limit was hit. Fixed in 3.0.0+14.04.20140416-0ubuntu1.14.04.1 of unity-firefox-extension and in all versions of libunity-webapps by shipping an empty unity-firefox-extension package, thus disabling the extension entirely and invalidating the attack against the libunity-webapps package.
4.3
Medium
CVE-2013-1054 2021-04-07 19h20 +00:00 The unity-firefox-extension package could be tricked into destroying the Unity webapps context, causing Firefox to crash. This could be achieved by spinning the event loop inside the webapps initialization callback. Fixed in 3.0.0+14.04.20140416-0ubuntu1.14.04.1 by shipping an empty package, thus disabling the extension entirely.
6.5
Medium